<<< Date Index >>>     <<< Thread Index >>>

[AJECT] SurgeMail IMAP 3.9e vulnerability



----------------------------------------
Synopsis
----------------------------------------
SurgeMail Mail Server 3.9e (Windows and Unix-based versions) is vulnerable to denial-of-service (DoS) attacks. The nature of the crash may indicate a buffer overflow problem, but the developers claimed otherwise. The IMAP server abruptly crashes when processing an APPEND message with a large parameter.

Product: SurgeMail Mail Server
Version: 3.9e and probably the older versions
Vendor: NetWin (www.netwinsite.com)
Type: Denial-of-service
Risk: service disruption
Remote: Yes
Discovered by: João Antunes (AJECT -- Attack Injection Tool) on 04/Jun/ 2008
Exploit: Not Available
Solution: Not Available
Status: Developers were contacted and corrected the software in version 3.9g2


----------------------------------------
Vulnerability Description
----------------------------------------
The vulnerability can be triggered by sending  the following messages:
A01 LOGIN username password
A01 APPEND Ax5000 (UIDNEXT MESSAGES)

This should crash both the windows and unix-based versions of the IMAP server.
Successful exploitation results in a remote denial of service.